FInally I turned by back onto ubuntu and spent my night so far to get Manjaro running. The machine I use it on is a TP T450s, so far I have found nothing show stopping but some minor problems.
I am somehow to stupid to get virtualbox running, I seem to not be able to execute dkms properly so the kernel driver would be loaded...
When I try to start a virtual machine it errors out and a popup tells me to run "/sbin/vboxconfig" which isn't there at all
Further more I opted to encrypt the drive, as it is a laptop, and what was new to me is that you have to enter the password already in grub, where it than takes for ever (2-5mins) until it resumes to boot after entering the password.
Any of you know how to get around these issues, that would make me a happy camper as than all works fine.
That's a new feature of Manjaro. I kinda liked it, but YMMV. My SSD didn't have speed issues with it. It's nice because they don't know what OS you're running, or bootloader, for that matter, until you've unlocked the cryptfs.
Which virtualbox package did you install? you need to run /sbin/vboxconfig as root.
Which flavor (desktop environment) of Manjaro are you using? If you're using Gnome, checkout Gnome Boxes. It's kinda nice.
DKMS is a bit of a bitch. have you tried running sudo dkms autoinstall? That command usually helps me along. If you don't have the Linux header files, you're going to have problems with DKMS. so, find your kernel package, then install kernelname-headers and you should have less of a problem.
Yeah it looks realy neat, but is also quite unforgiving. Aka make a typo and you have to hard-reset to try it agian. And it does not like additional luks slots either. As I ususally have trouble becaus of dhe de_DE keyboard, I usually start over with a numerical only passphrase and late add my desired password to the 2nd slot both for the en and de keymap ^^
But this so far only reliably works with the numerical password in slot 0 - it once worked with the real password in slot 1 but not consistant.
The speed in operation is quite good, so could not complain - only the time it takes for the first unlock is horrible - all other approaches so far with an unencrypted /boot were way way way way faster.
virtualbox | 5.1.10-1 | community
virtualbox-host-dkms | 5.1.10-1.1 | community
linux-rt-lts-manjaro-virtualbox-guest-modeules | 5.1.10-1 | community
linux-rt-lts-manjaro-virtualbox-host-modules | 5.1.10-1 | community
I am new to arch, but more than 10 years on linux ^^ so yes, did that, been there XD Problem, it isn't there
I explained that quite poorly. Sorry, my head's killing me right now. Damn weather.
The Manjaro linux 4.4 package is called linux44 or linux-44 (I can't remember exactly). let's start from there. I'm not at a Manjaro installation, so I can't follow along exactly, but you should be able to pull down linux44-headers or something of the sort. Just do a pacman -Ss linux-44 or pacman -Ss linux44 (depending on which one return an exact match for a package) and you'll see all the Linux 4.4 related packages. You can also replace pacman with yaourt to search the AUR as well.
I'm not 100% sure on the compatibility. Boxes uses KVM/QEMU, which, in my opinion is better than virtualbox. It's a bit more "Linux friendly"
Wasn't sure how experienced you were. It's actually not there. That's odd. vboxconfig basically just installs kernel modules and then modprobes them.
I hope that makes a bit of sense, I'm kind of all over the place right now.
Oh that was the most helpfull 7 letters of this year =D With that info I was able to obtain both the right headers AND more important the right kernel modules for virtualbox and now it runs =D
Thank you very very much.
If I now alos manage to sourt that luks/grub2 thing out I am a happy camper again, and can leave ubuntu and its crap behind =)
For all that have no idea what I mean:
Thats the new one for me, that you unlock luks in grub, and that it takes for ever, literally for ever
You're most welcome. Arch and Manjaro have some differences, but once you get to know them, you'll find that they're both very easy to work with. You'll also find that you're in the command line a lot more on Manjaro than Ubuntu. That's probably for the better anyways, lots of things are just better done in the CLI unless the tool has been built from the ground up to have a gui.
Don't get me wrong, I like a good looking DE as well... I'm using Budgie right now.
I'll see what I can do, but depending on the way it was implemented, you may need to nuke and pave, choosing to forego the encryption. I'll do some digging.
I'm sure you have a good reason, so I'll ask, because I don't. Why don't you use SED/OPAL? (not sure what the difference is exactly) Except for if your SSD or bios does not support it.
I might be totally wrong, but what is if the machine the drive is in dies, can it be unlocked on a another machine? isn't it locked to the device it got activated in? (OPAL is the standard, SED is the tec)
If Puget systems is someone to be trusted, which I think they are, it only requires that the motherboard of the machine supports SED, then an SED SSD or HDD can be unlocked. Even if the option is missing in BIOS it is still possible. However, it only requires the password on a cold boot, not at sleep or reboot (and can thus be unlocked/clear the password, if it's gets stolen while not powered off, and the thief knows what he's doing), so that is a thing to consider if you want it to be a brick in a thief's hands.
The machine needs a yubikey and a password to log in, the bios on thinkpads isn't flushed by a battery remove, the SSDs ID is locked to the MB, so without Password it wont accept any other, the HDD is encrypted and the one and only allowed boot device, where you again need the uefi password to change that.
So A) they got a system they can not login B) they have a system that only boots into grub and than asks for another password XD
Sounds rather brick to me, aaahh and the T450s has a bottom cover detection as well that will stop it from booting unless the master password is given when you open the chase ^^
Yep, seems rather brick to me too haha. However, I thought you'd go with the SED alone if it were an option, to avoid the long loading time of the software encryption on top of that. Or did I misread something? Anyway, you'll have a quite secure system non-the-less.
I rather want to rely onto OS implementation that can get fixed if some flaw happens than a proprietary firmware that most likely never will get fixed.
As for the speed issue when unlocking: I found a view infos, and if I understand it correctly there is sort of a masterkey known to grub that will be used to unlock the actual key (which takes, cause of itterations) than the password you supplied will be used on that keyslot (more itterations) than on the next slot (even more itterations) untill it matches (or not) and than finally the volume(s) are beeing unlocked fully
Aha, so sort of like SED handles the keys actually, a keyword to unlock a key(word) which then matches, but yeah, the iterations for each volume seems like a substantial difference here.
And I agree with you, ideally, rather something you are in complete control of than any sort of proprietary SED capability.
Under ubuntu I had good success with luks (except for the never resolved issue of which keyboard layout is used ^^) and I realy hope that it wont break under my but, as this is my daily driver.. would be sad if it's not working for an extended time
Well i think with recently new stable releases of Manjaro the 16.10.02 or what ever, the stability seems to be improved a bit. However with period releases of inbetween 16.06 and 16.10 its was a mess, atleast for my experiance. Allot of issues with the update manager, until a certain update totaly bricked my 16.06 installation. Then i decided to give up on Manjaro for now. But there are also allot of users that have good luck with Manjaro, and use it as their daily driver for some time allready. But if Manjaro ever fails on you, well i guess then there is allways something like Fedora25. Which seems to be pretty a pretty decent distribution.